The security of edge devices presents both a major challenge and an opportunity for building more modern edge security practices. Edge devices exist outside of the protections that IT data centers provide, according to Patrick Sullivan, the global director of security at Akamai.
One of the most prominent concerns is the physical security of the devices, which are more vulnerable to malicious attacks and mishaps of all kinds than typical office equipment and technology safely held within corporate walls.
However, because edge computing distributes processing, storage, and applications across a wide range of devices and data centers, it’s difficult for any single disruption to take down the network.
“This is a very impactful architecture for people as they’re building modern security,” said Sullivan. “So that edge model allows you to kind of have a homogeneous level of visibility and protection regardless of where that computing is. If it’s across a couple of cloud providers and a couple of colocation or data centers, that edge architecture allows you to accommodate all of that compute form factor and it gives you tremendous architectural flexibility.”
A key aspect of modern security is to detect, mitigate and track malicious behavior as close to the threat source as possible.
Less data goes out to a centralized location over communication lines, whether fiber-optic or telephone cables. That means less risk, because the data isn’t leaving the edge and crossing the internet, which could prove highly beneficial for industries that have to transmit highly sensitive information, such as the health, finance, and government sectors, according to Sullivan.
Sullivan added that by reducing the round trips the data has to travel, and by optimizing the TCP and HTTP protocols, the edge model could avoid a tradeoff between security and speed.
“It cuts across commerce, media, government, financial services. It’s sort of becoming the de facto model for at least web application security and denial of service mitigation,” Sullivan said.
Another reason organizations look toward an edge security model is the difficulty of hiring talent with expertise in areas like web application security or mitigating bots that exist on the internet. Instead, those companies look to deploy their security on an edge model and also consume it as a managed service.
“I think the edge security model is really the only viable architecture to stop a truly massive DDoS attack,” Sullivan said. “If you build an edge compute model, you can tap into that most scalable part of the internet. And then what you do is you fight DDoS off before it can aggregate and collect and really grow.”
“If you have a centralized application, you can access it with millions of devices and try to break it. If you’re doing a DDoS, which is the most popular attack, okay, but if you take this instance of an application, now you have 1000 of those. So it’s going to be way harder to break it because the concentration of devices is going to be lower,” said Lior Fite, CEO of Saguna. “It’s actually increasing the surface, so you need to concentrate a lot more traffic to try and break it.”
Sullivan added that the edge security model can learn something from DevOps processes.
“I think there would be integration at the edge to sort of a DevOps process. So that’s a big focus for developers, making sure that the edge can be programmatically controlled via the APIs and configured as code. So I think that’s something that we’ve seen evolve over the last 5-7 years. And now as you publish, it updates your application. That same workflow can update the edge to any changes that need to be made to your security policy,” Sullivan said.